package com.dyp.security.demo.web.rest;

import jakarta.annotation.security.PermitAll;
import jakarta.annotation.security.RolesAllowed;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.function.Supplier;
// sudo tcpdump -i any -s 0 -A 'port 8080' 抓包看swagger的调用请求是附加了JSESSIONID=0E9EF3251EBCBDF09F0EFCD8B105C9A5，这个是登录的时候给的，通过该值在后端查到用户权限
@RestController
@RequestMapping("/user")
public class UserResource {
//    @PermitAll
    @GetMapping("/all")
    public List<String> getAllUserName() {
        List<String> ALLOWED_ORDERED_PROPERTIES = Collections.unmodifiableList(
                Arrays.asList(
                        "id",
                        "login",
                        "firstName",
                        "lastName",
                        "email",
                        "activated",
                        "langKey",
                        "createdBy",
                        "createdDate",
                        "lastModifiedBy",
                        "lastModifiedDate"
                ));
        return  ALLOWED_ORDERED_PROPERTIES;
    }


//    @RolesAllowed({"admin"})
//    @PermitAll
    @PostMapping("/one")
    public String createUser(){
        return "create user info";
    }

//    @PermitAll
    @PostMapping("/all/one")
    public String getAll(){
        return "all thing";
    }
}
